I am trying to implement alerting mechanism , Whenever we got "NullPointerException" in my fargate service log then alarm should trigger and it should send the stack trace of the exception to lambda which is in another account and from lambda we will send it to slack.
Although I have done this so far by creating metric filter and alarm and alarm triggers the lambda function but the issue was we are not getting the stack trace. what I was getting is like -
Alarm Details: - Name: App-Error-Alarm - Description: Errors in app.log - State Change: INSUFFICIENT_DATA -> ALARM - Reason for State Change: Threshold Crossed: 1 datapoint (1.0) was greater than or equal to the threshold (1.0). - Timestamp: Tuesday 07 February, 2017 16:39:43 UTC - AWS Account: <>
Threshold: - The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 1.0 for 300 seconds.
Monitored Metric: - MetricNamespace: LogMetrics - MetricName: ERROR - Dimensions: - Period: 300 seconds - Statistic: Sum - Unit: not specified
State Change Actions: - OK: - ALARM: [arn:aws:sns:us-east-1:<>:support] - INSUFFICIENT_DATA:
I'd like it to something like
Alarm: App-Error-Alarm
Keyword: "ERROR"
Reason: ERROR 2017-02-07 07:31:47,375 [SimpleAsyncTaskExecutor-5] com.app.server.rest.Watcher: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
And after that I also tried one more thing which was "Subscription filter" in log group but the limitation was there we cannot use other account lambda function.
Please let me know if you have any solution. Thanks in advance
To get the details in Slack, you have to parse the CloudWatch logstream of the failing component and include it in Slack content